CheckMail Password Disclosure Vulnerability

vendor:

CheckMail

by:

SecurityFocus

7.5

CVSS

HIGH

Password Disclosure

200

CWE

Product Name: CheckMail

Affected Version From: 1.2

Affected Version To: 1.2

Patch Exists: NO

Related CWE: N/A

CPE: CheckMail

Metasploit: N/A

Other Scripts: N/A

Tags: N/A

CVSS Metrics: N/A

Nuclei References: N/A

Nuclei Metadata: N/A

Platforms Tested: Windows

2002

CheckMail Password Disclosure Vulnerability

It has been reported that a password disclosure issue exists in CheckMail allowing a local user to access sensitive authentication information through the Windows Registry. The software stores user authentication credentials in a Windows Registry that can be viewed by a local user in order to steal e-mail passwords. This issue could lead to further attacks as a malicious user may gather sensitive data through user e-mails.

Mitigation:

Ensure that the Windows Registry key used to store passwords is not accessible to unauthorized users.

Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/8449/info

It has been reported that a password disclosure issue exists in CheckMail allowing a local user to access sensitive authentication information through the Windows Registry. The software stores user authentication credentials in a Windows Registry that can be viewed by a local user in order to steal e-mail passwords.

This issue could lead to further attacks as a malicious user may gather sensitive data through user e-mails.

It should be noted that the issue has been reported in CheckMail v1.2, however older versions may be vulnerable as well.

Windows Registry key used to store passwords:

HKEY_USERS\S-1-5-21-823518204-436374069-1708537768-1004\Software\DeskSoft\CheckMail